缺少对"billingAccounts/XXXXXXXXXXXXXXXXXXXXXXXX"的权限:billing.resourceAssociations.create Terraform(GCP) [英] missing permission on "billingAccounts/XXXXXXXXXXXXXXXXXXXXXXXX": billing.resourceAssociations.create Terraform (GCP)

查看:79
本文介绍了缺少对"billingAccounts/XXXXXXXXXXXXXXXXXXXXXXXX"的权限:billing.resourceAssociations.create Terraform(GCP)的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我试图通过使用Terraform在GCP上自动化创建共享VPC.我已启用对我的服务帐户的所有访问权限(组织管理员,XpnAdmin,存储管理员,计算管理员,计费管理员)

I tried to automate the Shared VPC creation on GCP by using Terraform. I have enabled all the access to my service account (Org Admin, XpnAdmin, Storage Admin, Compute admin, Billing Admin)

但是当我执行Terraform应用时,它会抛出以下错误:

But when i executed terraform apply it's throwing me following error:

缺少对"billingAccounts/CXXXXXXXXXXXXXXXXXX"的权限:billing.resourceAssociations.create

missing permission on "billingAccounts/CXXXXXXXXXXXXXXXXXX": billing.resourceAssociations.create

我指的是Google提供程序此演示的Github代码.

I'm referring the Google provider Github code for this demo.

推荐答案

您很有可能拥有帐单管理员,但是您还需要具有创建帐单分配或帐单项目经理"的功能.

It's quite likely you have the billing admin, but you also need the ability to create billing assignments, or "Billing Project Manager".

https://cloud.google.com/billing/v1/how-tos/access-control

在云计费帐户上

billing.resourceAssociations.create和resourcemanager.projects.createBillingAssignment.

billing.resourceAssociations.create AND resourcemanager.projects.createBillingAssignment on the Cloud Billing account.

有一些方便的代码可用来引导服务帐户- Google Project工厂-您可能想看看.创建SA后,您就不会出现权限问题

There's some handy code to bootstrap a service account - Google Project Factory - You might want to have a look at that. Once that SA is created you shouldn't have permissions issues

这篇关于缺少对"billingAccounts/XXXXXXXXXXXXXXXXXXXXXXXX"的权限:billing.resourceAssociations.create Terraform(GCP)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆